The Agent Skills Directory

[SAFE]: The skill instructions and associated resource files are purely focused on software architecture methodology and decision-making records. No malicious patterns or security risks were identified.- [COMMAND_EXECUTION]: The skill uses ripgrep (rg) for local file searching within the project directory. This is a standard and legitimate use of tooling to identify architectural boundaries and dependencies in the source code.- [DATA_EXPOSURE]: File system access is restricted to reading the local codebase and writing analysis results to the .agents/results/architecture/ directory. There are no attempts to access sensitive system files, environment variables, or user credentials.- [PROMPT_INJECTION]: The skill ingests data from local source files for analysis. While no explicit boundary markers or sanitization logic are defined in the instructions to isolate this untrusted content, the risk of indirect prompt injection is minimized by the skill's focused purpose and the lack of dangerous capabilities like network access or arbitrary command execution.

oma-architecture